For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

chinay2k_15322's avatar
chinay2k_15322
Icon for Nimbostratus rankNimbostratus
Apr 09, 2015

Bandwidth Control per IP

Hi,

 

I am using vcmp and running v11.5.0 and going to use an iRule to limit the bandwidth per IP. I want to limit 1Mbps for each IP. When I test it by downloading a file from "192.168.10.24" and "192.168.10.100" simultaneously from the HTTP server in LAN, it seems that it does not work as expected because I find the total download speed is around 1Mbps. I have already configured to use Source Address in CMP hash. My iRule and BWC policy are below:

 

when CLIENT_ACCEPTED {

 

set ClientIP [IP::client_addr]

 

if {$ClientIP equals "192.168.10.24" or $ClientIP equals "192.168.10.100"} { BWC::policy attach BWC_user1_per_IP } }

 

root@(test)(cfg-sync Standalone)(/S1-green-P:ModuleNotLicensed:Active)(/Common)(tmos) list net bwc-policy BWC_user1_per_IP net bwc-policy BWC_user1_per_IP { max-rate 1mbps }

 

Is there anything wrong with my setting or the iRule? Thanks in advance.

 

application delivery
design
devops
iRules
LTM

1 Reply

  • bonny_11145's avatar
    bonny_11145
    Historic F5 Account
    Jul 06, 2015

    Hi Chinay2K,

    You've defined a static BWC. A static BWC is only concerned with the overall BW and does not actually set a per user (IP address) limit. Have a look at a dynamic BWC policy to allow per user max rate.

    A definition of such policy looks like:

    net bwc-policy bwc_per_user_dn {
    dynamic enabled
    max-rate 10mbps
    max-user-rate 1mbps
}

    The policy above is limited to 10mbps in total and max 1mbps per user. HTH